Which is MOST important when contracting an external party to perform a penetration test?

• A.Obtain approval from 17 management.
• B.Provide network documentation.
• C.Increase the frequency of log reviews.
• D.Define the project scope

Comment: *

Name: *

Email: *

Verification: *

When outsourcing data to a cloud service provider, which of the following should be the information security manager's MOST important consideration?

• A.Roles and responsibilities have been defined for the subscriber organization.
• B.Cloud servers are located in the same country as the organization.
• C.Data stored at the cloud service provider is not co-mingled.
• D.Access authorization includes biometric security verification.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST appropriate method of ensuring password strength in a large organization?

• A.Attempt to reset several passwords to weaker values
• B.Install code to capture passwords for periodic audit
• C.Sample a subset of users and request their passwords for review
• D.Review general security settings on each platform

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST ensures that security risks will be reevaluated when modifications in application developments are made?

• A.A problem management process
• B.Background screening
• C.A change control process
• D.Business impact analysis (BIA)

Comment: *

Name: *

Email: *

Verification: *

In the process of deploying a new e-mail system, an information security manager would like to ensure the confidentiality of messages while in transit. Which of the following is the MOST appropriate method to ensure data confidentiality in a new e-mail system implementation?

• A.Encryption
• B.Digital certificate
• C.Digital signature
• D.I lashing algorithm

Comment: *

Name: *

Email: *

Verification: *